AMENDMENTS TO THE CLAIMS 

This listing of claims will replace all prior versions, and listings, of claims 
in the application: 



Listing of Claims: 
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1 f 1 . (Currently amended) A method for operating a key distribution center 

2 (KDC) that provides keys to facilitate secure communications between clients and 
servers across a computer network, wherein the KDC operates without having to 
store long-term server secrets, comprising: 

receiving a communication that is authenticat e d from a server at th e 
KDCthat is authenticated at the KDC: 



wherein the communication includes a temporary secret key to be used in 
communications with the server for a limited time period; and 

storing the temporary secret key at the KDC, so that the temporary secret 
key can be subsequently used to facilitate communications between a client and 
the server. 



1 2. (Original) The method of claim 1, wherein upon subsequently 

2 receiving a request from the client at the KDC to communicate with the server, 

3 the method further comprises facilitating communications between the client and 

4 the server by: 

5 producing a session key to be used in communications between the client 

6 and server; 

7 creating a ticket to the server by encrypting an identifier for the client and 

8 the session key with the temporary secret key for the server; and 
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9 assembling a message that includes the identifier for the server, the session 

10 key and the ticket to the server; and 

1 1 sending the message to the client in a secure manner; and 

12 allowing the client to forward the ticket to the server in order to initiate 

1 3 communications between the client and the server. 

1 3. (Original) The method of claim 2, wherein upon receiving the 

2 ticket from the client at the server, the method further comprises: 

3 decrypting the ticket at the server using the temporary secret key to restore 

4 the session key and the identifier for the client; and 

5 using the session key at the server to protect subsequent communications 

6 between the server and the client. 

1 4. (Original) The method of claim 2, wherein assembling the 

2 message involves including an expiration time for the session key in the message. 

1 5. (Original) The method of claim 2, wherein allowing the client to 

2 forward the ticket to the server includes allowing the client to forward an 

3 identifier for the temporary secret key to the server, so that the server can know 

4 which temporary secret key to use in decrypting the ticket. 

1 6. (Original) The method of claim 2, wherein sending the message to 

2 the client in the secure manner involves encrypting the message with a second 

3 session key that was previously communicated to the client by the KDC. 

1 7. (Original) The method of claim 2, further comprising alternatively 

2 creating the ticket to the server by encrypting the identifier for the client and the 

3 session key with one of: 

3 
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1 a public key for the server; and 

2 a secret key for the server previously agreed upon between the server and 

3 the KDC and stored at the KDC. 

1 8. (Original) The method of claim 1, wherein receiving the 

2 communication from the server involves authenticating the server. 



1 9. (Original) The method of claim 8, wherein authenticating the 

2 server involves using authentication information pertaining to the server, the 

3 authentication information including a certificate chain from a trust anchor to the 

4 server, and including a server public key that is associated with a server private 

5 key to form a public key-private key pair associated with the server. 

\ 



1 10. (Original) The method of claim 8, wherein authenticating the 

2 server involves authenticating the server without having prior configuration 

3 information pertaining to the server at the KDC. 

1 11. (Original) The method of claim 8, wherein authenticating the 

2 server includes using a server public key that is stored locally in the KDC. 

1 12. (Original) The method of claim 1, wherein the temporary secret 

2 key is encrypted with a public key belonging to the KDC, so that the temporary 

3 secret key can only be decrypted using a private key belonging to the KDC. 

1 13. (Original) The method of claim 1, wherein the communication is 

2 signed with a server private key so that the KDC can use a corresponding server 

3 public key to verify that the communication was sent by the server. 
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1 14. (Original) The method of claim 1, wherein the communication is 

2 received in response to a request being sent by the KDC to the server indicating 

3 that the temporary secret key is needed from the server. 

1 15. (Original) The method of claim 1 , further comprising 

2 communicating information to the server that enables the server to authenticate 

3 the KDC. 

1 1 6. (Original) The method of claim 1 , wherein the KDC operates in 

2 accordance with the Kerberos standard. 

1 1 7. (Original) The method of claim 1 , wherein the communication 

2 received from the server additionally includes an identifier for the server. 

1 18. (Original) The method of claim 1 5 further comprising propagating 

2 the temporary secret key to multiple KDCs. 

1 / 19. (Currently amended) A computer-readable storage medium storing 

2 instructions that when executed by a computer cause the computer to perform a 

3 method for operating a key distribution center (KDC) that provides keys to 

4 facilitate secure communications between clients and servers across a computer 

5 network, wherein the KDC operates without having to store long-term server 

6 secrets, the method comprising: 

7 receiving a communication that is authenticat e d from a server at th e 

8 KDG that is authenticated at the KDC ; 

9 wherein the communication includes a temporary secret key to be used in 
10 communications with the server for a limited time period; and 
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1 1 storing the temporary secret key at the KDC, so that the temporary secret 

12 key can be subsequently used to facilitate communications between a client and 

13 the server. 

1 20. (Original) The computer-readable storage medium of claim 19, 

2 wherein upon subsequently receiving a request from the client at the KDC to 

3 communicate with the server, the method further comprises facilitating 

4 communications between the client and the server by: 

5 producing a session key to be used in communications between the client 

6 and server; 

7 creating a ticket to the server by encrypting an identifier for the client and 

8 the session key with the temporary secret key for the server; and 

9 assembling a message that includes the identifier for the server, the session 

10 key and the ticket to the server; and 

1 1 sending the message to the client in a secure manner; and 

12 allowing the client to forward the ticket to the server in order to initiate 

13 communications between the client and the server. 

1 21 . (Original) The computer-readable storage medium of claim 20, 

2 wherein upon receiving the ticket from the client at the server, the method further 

3 comprises: 

4 decrypting the ticket at the server using the temporary secret key to restore 

5 the session key and the identifier for the client; and 

6 using the session key at the server to protect subsequent communications 

7 between the server and the client. 
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1 22. (Original) The computer-readable storage medium of claim 20, 

2 wherein assembling the message involves including an expiration time for the 

3 session key in the message. 

1 23. (Original) The computer-readable storage medium of claim 20, 

2 wherein allowing the client to forward the ticket to the server includes allowing 

3 the client to forward an identifier for the temporary secret key to the server, so that 

4 the server can know which temporary secret key to use in decrypting the ticket. 

1 24. (Original) The computer-readable storage medium of claim 20, 

2 wherein sending the message to the client in the secure manner involves 

3 encrypting the message with a second session key that was previously 

4 communicated to the client by the KDC. 

1 25. (Original) The computer-readable storage medium of claim 20, 

2 wherein the method further comprises alternatively creating the ticket to the server 

3 by encrypting the identifier for the client and the session key with one of: 

4 a public key for the server; and 

5 a secret key for the server previously agreed upon between the server and 

6 the KDC and stored at the KDC. 

1 26. (Original) The computer-readable storage medium of claim 19, 

2 wherein receiving the communication from the server involves authenticating the 

3 server. 

1 27. (Original) The computer-readable storage medium of claim 26, 

2 wherein authenticating the server involves using authentication information 

3 pertaining to the server, the authentication information including a certificate 
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4 chain from a trust anchor to the server, and including a server public key that is 

5 associated with a server private key to form a public key-private key pair 

6 associated with the server. 

1 28. (Original) The computer-readable storage medium of claim 26, 

2 wherein authenticating the server involves authenticating the server without 

3 having prior configuration information pertaining to the server at the KDC. 

1 29. (Original) The computer-readable storage medium of claim 26, 

2 wherein authenticating the server includes using a server public key that is stored 

3 locally in the KDC. 

1 30. (Original) The computer-readable storage medium of claim 19, 

2 wherein the temporary secret key is encrypted with a public key belonging to the 

3 KDC, so that the temporary secret key can only be decrypted using a private key 

4 belonging to the KDC. 

1 31. (Original) The computer-readable storage medium of claim 19, 

2 wherein the communication is signed with a server private key so that the KDC 

3 can use a corresponding server public key to verify that the communication was 

4 sent by the server. 

1 32. (Original) The computer-readable storage medium of claim 19, 

2 wherein the communication is received in response to a request being sent by the 

3 KDC to the server indicating that the temporary secret key is needed from the 

4 server. 
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1 33. (Original) The computer-readable storage medium of claim 19, 

2 wherein the method further comprises communicating information to the server 

3 that enables the server to authenticate the KDC 

1 34. (Original) The computer-readable storage medium of claim 19, 

2 wherein the KDC operates in accordance with the Kerberos standard. 

1 35. (Original) The computer-readable storage medium of claim 19, 

2 wherein the communication received from the server additionally includes an 

3 identifier for the server. 

1 36. (Original) The computer-readable storage medium of claim 19, 

2 wherein the method further comprises propagating the temporary secret key to 

3 multiple KDCs. 

1 /37. (Original) An apparatus that provides keys to facilitate secure 

2 communications between clients and servers across a computer network, wherein 

3 the apparatus operates without having to store long-term server secrets, 

4 comprising: 

5 a key distribution center (KDC); 

6 a receiving mechanism within the KDC that is configured to receive a 

7 communication from a server; 

8 wherein the communication includes a temporary secret key to be used in 

9 communications with the server for a limited time period; and 

10 a storage mechanism within the KDC that is configured to store the 

1 1 temporary secret key at the KDC, so that the temporary secret key can be 

12 subsequently used to facilitate communications between a client and the server. 
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1 38. (Original) The apparatus of claim 37, further comprising a 

2 communication facilitation mechanism within the KDC, wherein upon receiving a 

3 request from the client to communicate with the server, the communication 

4 facilitation mechanism is configured to: 

5 produce a session key to be used in communications between the client 

6 and server; 

7 create a ticket to the server by encrypting an identifier for the client and 

8 the session key with the temporary secret key for the server; 

9 assemble a message that includes the identifier for the server, the session 
1 0 key and the ticket to the server; 

^ 1 1 send the message to the client in a secure manner; and to 

12 allow the client to forward the ticket to the server in order to initiate 

13 communications between the client and the server. 

1 39. (Original) The apparatus of claim 38, further comprising a 

2 mechanism within the server that is configured to: 

3 decrypt the ticket received from the client using the temporary secret key 

4 to restore the session key and the identifier for the client; and to 

5 use the session key to protect subsequent communications between the 

6 server and the client. 

1 40. (Original) The apparatus of claim 38, wherein the communication 

2 facilitation mechanism is configured to include an expiration time for the session 

3 key in the message. 

1 41 . (Original) The apparatus of claim 38, wherein the client is 

2 configured to additionally forward an identifier for the temporary secret key to the 
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1 server, so that the server can know which temporary secret key to use in 

2 decrypting the ticket. 

1 42. (Original) The apparatus of claim 38, wherein in sending the 

2 message to the client in the secure manner, the communication facilitation 

3 mechanism is configured to encrypt the message with a second session key that 

4 was previously communicated to the client by the KDC. 

1 43. (Original) The apparatus of claim 38, wherein the communication 

2 facilitation mechanism is configured to alternatively create the ticket to the server 

3 by encrypting the identifier for the client and the session key with one of: 

4 a public key for the server; and 

5 a secret key for the server previously agreed upon between the server and 

6 the KDC and stored at the KDC. 

1 44. (Original) The computer-readable storage medium of claim 37, 

2 further comprising an authentication mechanism that is configured to authenticate 

3 the server. 

1 45. (Original) The apparatus of claim 44, wherein in authenticating 

2 the server, the authentication mechanism is configured to use authentication 

3 information pertaining to the server, the authentication information including a 

4 certificate chain from a trust anchor to the server, and including a server public 

5 key that is associated with a server private key to form a public key-private key 

6 pair associated with the server. 
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1 46. (Original) The apparatus of claim 44, wherein in authenticating 

2 the server the authentication mechanism is configured to operate without having 

3 prior configuration information pertaining to the server at the KDC. 

1 47. (Original) The apparatus of claim 44, wherein in authenticating 

2 the server, the authentication mechanism is configured to use a server public key 

3 that is stored locally in the KDC. 



1 48. (Original) The apparatus of claim 37, wherein the temporary secret 

2 key is encrypted with a public key belonging to the KDC, so that the temporary 

3 secret key can only be decrypted using a private key belonging to the KDC. 

1 49. (Original) The apparatus of claim 37, wherein the communication 

2 is signed with a server private key so that the KDC can use a corresponding server 

3 public key to verify that the communication was sent by the server. 

1 50. (Original) The apparatus of claim 37, further comprising a 

2 requesting mechanism within the KDC that is configured to send a request to the 

3 server indicating that the temporary secret key is needed from the server. 

1 51. (Original) The apparatus of claim 37, further comprising a sending 

2 mechanism that is configured to send information to the server that enables the 

3 server to authenticate the KDC. 

1 52. (Original) The apparatus of claim 37, wherein the KDC is 

2 configured to operate in accordance with the Kerberos standard. 
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1 53. (Original) The apparatus of claim 3 7, wherein the communication 

2 received from the server additionally includes an identifier for the server. 

1 54. (Original) The apparatus of claim 37, wherein the storage 

2 mechanism is additionally configured to communicate the temporary secret key to 

3 multiple KDCs. 
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